Spring安全性 - 禁用注销重定向 [英] Spring security - Disable logout redirect

问题描述

我正在使用带有REST的Spring安全性，并且我使用URL（ / logout ）作为我的注销方法的端点。但在调用此方法后，它将我重定向到（ / login？logout ），我知道这是spring logOutSuccessUrl 。我想摆脱重定向。这是我的代码：

I'm using spring security with REST, and I'm using the URL (/logout) as an endpoint for my logout method. But after calling this method, it redirect me to (/login?logout), I know this is the spring logOutSuccessUrl. And I want to get rid of the redirection. This is my code:

protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests()
         .antMatchers("/login").permitAll()
         .anyRequest().fullyAuthenticated()
         .and().requiresChannel().anyRequest().requiresSecure()
         .and().httpBasic().disable().logout()
         .disable()
       //  .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler(HttpStatus.OK))
          .csrf().disable();

}

我试图使用 HttpStatusReturningLogoutSuccessHandler 但它不起作用，甚至设置 logoutSuccessUrl（）也不会改变任何内容。

I tried to use HttpStatusReturningLogoutSuccessHandler but it didn't work, and even setting logoutSuccessUrl() doesn't change anything.

你知道如何禁用这个重定向吗？

Do you know how can I disable this redirection?

推荐答案

以下代码适用于我（注意它不适用有 logout（）。disable（））

Following code works for me (notice that it doesn't have logout().disable())

http.logout().permitAll();
http.logout().logoutSuccessHandler((new HttpStatusReturningLogoutSuccessHandler(HttpStatus.OK)));

这篇关于Spring安全性 - 禁用注销重定向的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！